- The article is translated from the article HTTP and everything you need to know about it by the faun author.
HTTP stands for Hypertext Transfer Protocol and HTTP is the communication protocol used for web browsing. This protocol is based on the model in which your client makes an HTTP request to the web server and that server responds to the resources displayed in the browser.
Each HTTP interaction includes a request and response. By its nature, HTTP is stateless.
stateless means all requests are separate, so each request must contain enough information to make the request itself. That means that each transaction of the message based on the HTTP model is handled separately.
The idea of the web is structured around resources, from the start, the Web is the basis for sharing text / HTML, documents, images, etc. and so it can be considered a collection of resources .
Other noteworthy protocols are:
- File Transfer Protocol (FTP) – is the standard protocol used to transfer files between client and server over a network.
- Simple Mail Transfer Protocol (SMTP) is a standard for email transmission.
Domain – The name used to identify one or more IP addresses where resources are located.
Path Specifies the location of resources on the server. It uses the same logic as the resource location used on the device you are reading this article (i.e. / p / nhung-dieu-can-biet-ve-http-gDVK2mvA5Lj or C: / my Cars / VWBeetle .pdf).
Parameters – Additional data used to identify or filter resources on the server.
Note When searching for articles and more information about HTTP you may encounter the term URI (or uniform resource identifier). URI is sometimes being used instead of URL but mostly in formal specifications and by people who want to show off When searching for articles and more information about HTTP, you may come across the term URI (uniform resource identifier). URIs are sometimes used instead of URLs but mostly in official specifications and by people who want to show off, show off
In HTTP, every request must have a URL. Also, the request needs a method. The four main HTTP methods are:
I will explain these methods and more, in the HTTP Methods section of this article.
And these methods correspond directly to the above actions:
All HTTP messages have one or more
header , followed by an optional
body . The body containing the data will be sent with the
request or the data received with the
The first part of each HTTP request contains three items:
- GET / adds / search-result? Item = vw + beetle HTTP / 1.1
When a URL contains a? Other means it contains a query. That means it will send the parameters of the requested resource.
- The first part is a method that tells us which HTTP method to use. The most commonly used method is the GET method. The GET method takes a resource from the web server and since GET does not have the message body after the header is necessary.
- The second part is a requested URL.
- The third part is an HTTP version being used. Version 1.1. is the most popular version for most browsers, however, version 2.0 is taking over.
There are also some other interesting things in the HTTP request:
Referer header – indicates the URL from which the query originated.
User-Agent header – additional information about the browser being used to make the request.
Host header – uniquely identifies a host name, necessary when multiple websites are hosted on the same server.
Cookie header – sends additional parameters to the client.
As in HTTP requests, HTTP responses also include three items: For example: HTTP / 1.1 200 OK
- The first part is the version of HTTP being used.
- The second part is the http status code of the result for the request.
- The third part is a textual description of the second part.
There are some other interesting things in the HTTP response: Server header – the information that the web server software is being used.
Set-Cookie header – plays cookies to the browser.
Message body – Typically, an HTTP response may contain content.
Content-Length header – indicates the size of the body in bytes.
The most common methods are GET and POST, but there are many more.
GET – is used to request data from a specified resource in which the data cannot be modified in any way because GET requests do not change the status of the resource.
POST – is used to send data to the server to create resources.
PUT – method to update existing resources on the server using the content in the body of the request.
HEAD – this method has the same function as the GET method but with one difference is that the return of the HEAD method cannot contain the body in résponse. However, the return section will contain the same title as when GET was used. The HEAD method is used to check if the resource is present before making a GET request.
TRACE – method designed for diagnostic purposes. The response will contain the exact body of the request message.
OPTION – this method is used to describe the communication options (HTTP method) available for the target resource.
PATCH – The PATCH method is used to apply partial modifications to a resource.
DELETE – DELETE method deletes the specified resource.
Representational state transfer (REST) is an architectural type in which requests and responses contain representations for the current state of system resources.
Need more to know about the REST API so please dig deeper.
There are three main components that make up the request / response structure. including:
- First line
- Body / Content
We talked about the First line in the request + response HTTP, the body function has been mentioned and now we will talk about the HTTP headers.
HTTP headers are added after the first line and are defined as
name: value pairs separated by colons. HTTP headers are used to send additional parameters along with the request or response.
As we said, the body of the message includes data sent with the request or data received along with the response.
There are different types of headers and we group them based on their use into four main categories: General headers – Headers can be used in both requests and response messages and are independent of the data being exchanged. Request header – These headers specify parameters for the requested data or parameters that provide important information about the client application that makes the request. Response header – These headers contain information about the response. Entity headers – Entity headers describe the content that makes up the body of the message.
HTTP status codes
Each HTTP response mesage must contain the HTTP status code in the first line, telling us the result of the request.
There are five groups of status codes grouped by the first digit:
- 1xx – information.
- 2xx – request was successful.
- 3xx – the client is redirected redirected to another resource.
- 4xx – request includes an error of some kind.
- 5xx – Server encountered an error while making a request
Full list of HTTP status codes and explanations: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
HTTPS (Hypertext Transfer Protocol Secure)
The protocol version of the HTTP protocol, HyperText Transfer Protocol Secure (HTTPS), HTTPS, provides an encrypted communication between the browser and the website (server).
In HTTPS, communication protocols are encrypted using Transport Layer Security (TLS) or Secure Sockets Layer (SSL).
Therefore, the protocol is also commonly referred to as HTTP over TLS or HTTP over SSL.
Both TLS and SSL protocols use asymmetric encryption systems. The asymmetric encryption system uses the public key (the encryption key) and the private key (the decryption key) to encrypt the message. Anyone can use public key to encrypt messages. However, the private key is secret and that means that only the intended recipient can decrypt the message.
SSL / TLS handshake
When you request an HTTPS connection to a website, the site sends its SSL certificate to your browser. That is where your browser and website begin to communicate called SSL / TLS handshake. SSL / TLS handshake consists of a series of steps in which browsers and websites authenticate each other and initiate communication via SSL / TLS tunnel. As you may have noticed, when a reliable SSL / TLS tunnel is used during HTTPS connection, a green padlock icon is displayed in the address bar of the browser.
Benefits of HTTPS
The main benefits of HTTPS are:
- Customer information, such as credit card numbers and other sensitive information, is encrypted and cannot be blocked.
- Visitors can verify you are a registered business and you own the domain.
- Customers know that they are not allowed to access websites without HTTPS, and therefore, they are more likely to trust and complete purchases from sites using HTTPS.